|
Family: CGI abuses --> Category: infos
SunONE Application Server source disclosure Vulnerability Scan
Vulnerability Scan Summary Attempts to read the source of a jsp page
Detailed Explanation for this Vulnerability Test
It is possible to make the remote web server disclose the source
code of its JSP pages by requesting the pages with a different
case (ie: filename.JSP instead of filename.jsp).
A possible hacker may use this flaw to get the source code of your CGIs
and possibly obtain passwords and other relevant information about
this host.
Solution : None at this time
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|